How to install Fail2ban on FreeBSD
Fail2ban is a complementary tool to your firewall. It works by scanning log files and banning IPs that show suspicious activity, such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only SSH logins, but other services too, for example […]
How to replace a disk on a ZFS mirror pool
It’s happened to me, it’s happened to you, it’s happened more than one million times and it will still happen in the future. You run out of disk space or a disk fails. Nowadays you are using ZFS, and instead of having a fancy RAIDZ, because you still don’t need it, you are using a […]
How to patch OpenSSH in FreeBSD 12.2
The default version of OpenSSH in FreeBSD 12.2 today, and it has been this way for quite some time, is not the most recent one published by the OpenBSD guys, who, by the way, are the ones developing OpenSSH. Not only is it not the latest, but it has a few vulnerabilities affecting it, medium-risk ones but nevertheless […]
A brief introduction to SSL/TLS certificates
SSL stands for Secure Sockets Layer and it is an old implementation of a cryptographic protocol. TLS, or Transport Layer Security, is a new one. They are both used to provide privacy in communications between different parties. They are used to secure email, web browsing, instant messaging, etc. These protocols work in a complex way […]
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me to Lynis, a system configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built-in checklist and a set of sane and safe configurations and compares them to the target system. As output we find […]
Why FreeBSD
In the following lines you will find a brief but fairly complete explanation of what FreeBSD is and why it might be of interest to you. If you are already a Mac or Linux user, this could be more relevant for you than you would imagine. Enjoy. FreeBSD is an operating system, a Unix-like operating […]
How to detect a WAF – Web Application Firewall
From a penetration testing perspective, identifying whether a Web Application Firewall (WAF) is in place is essential. The next question is, does an administrator need to know this? My view is that anyone who is in charge of any system that has implemented some sort of WAF needs to verify this tool is working, at […]
How to install software in FreeBSD with pkgng
pkgng is the package management system in FreeBSD. It is used to install applications, specific modules, libraries, etc. Nowadays you can choose from more than 25,000 of them. Yes, twenty-five thousand. The syntax is very intuitive and simple. As you may already be aware, software comes in two forms. Source […]
FreeBSD particularities
Like some other Unix-like operating systems, FreeBSD has some particularities aside from its UNIX heritage, licensing and the like. The init system is the way a system starts up, and the BSD one has always been different. If you happen to be a UNIX admin I am sure you are aware of this and the folks […]
How to install Nagios on FreeBSD
As explained in an introductory article, Nagios is well-established monitoring software used in production in many environments. Results are displayed in a web page, so it uses a web server to publish them to the user and needs some PHP code to do so. It is configured through files which happen […]